Piwik – 403 error, skip/bypass 3rd Party Applications

Home Forums BulletProof Security Pro Piwik – 403 error, skip/bypass 3rd Party Applications

Tagged: ,

This topic contains 4 replies, has 2 voices, and was last updated by  Terry Chadban 9 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #34110

    Terry Chadban
    Participant

    Hi Edward,

    Thanks again for your help! I will need to give you some background to explain this one better. We have a utility website at portmac.pw which just has a basic WP website on it to protect it from hackers. Underneath that we have local installs of a number of programs, including Piwik, SEO Panel and Mautic.

    At the moment BPS Pro is logging the attempts to access Piwik as hackers even though the access is from inside the server:

    [403 POST Request: September 19, 2017 - 7:34 am]
    BPS Pro: 13.3.1
    WP: 4.8.1
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 139.99.141.192
    Host Name: syd-cp4.promptwebhosting.com.au
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: POST
    HTTP_REFERER:
    REQUEST_URI: /piwik/
    QUERY_STRING:
    HTTP_USER_AGENT: Empty User Agent
    REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data
    
    [403 GET Request: 19/09/2017 - 4:00 pm]
    BPS Pro: 13.3.1
    WP: 4.8.1
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 139.99.141.192
    Host Name: syd-cp4.promptwebhosting.com.au
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER:
    REQUEST_URI: /wp-cron.php
    QUERY_STRING:
    HTTP_USER_AGENT: Wget/1.14 (linux-gnu)

    REMOTE_ADDR: 139.99.141.192
    Host Name: syd-cp4.promptwebhosting.com.au is our server.

    We are also getting PHP errors from a couple of programs, which I would have said were bad coding except that I know one of the program developers, and the plugins were working fine before we transferred over to BPS Pro.

    [15-Sep-2017 11:31:14 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/portmaco/public_html/wp-content/plugins/wp-spamshield/wp-spamshield.php on line 8286
    [15-Sep-2017 16:56:45 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/portmaco/public_html/wp-content/plugins/wp-spamshield/wp-spamshield.php on line 8286

    WP Robot 5 and Advanced Uptime Monitor are throwing up similar errors, “Invalid argument supplied for foreach()”.

    Terry

    #34112

    AITpro Admin
    Keymaster

    To solve the Piwik 3rd Party Application 403 errors see this forum topic > https://forum.ait-pro.com/forums/topic/custom-applications-outside-of-wordpress-3rd-party-apps/.  Additional reading if you’re interested > http://forum.ait-pro.com/forums/topic/htaccess-files-for-multiple-website-domains/

    The second Security Log entry is occuring because the User Agent that is performing the GET Request has “wget” in the User Agent name.  See this forum topic for the solution > https://forum.ait-pro.com/forums/topic/wp-whats-my-rank-cron-job-blocked/.

    I don’t think the php errors are being caused by BPS.  They look like standard coding issue/bugs that need to be fixed by that plugin author or there could be some kind of server or caching problem going on.  Typically BPS PHP Error logging simply logs PHP errors that are occurring in other plugins and themes, etc.  It is very rare when BPS causes a PHP error in another plugin.  ie maybe 5 times in last 7 years.  For more information about BPS PHP Error Logging and php error log troubleshooting see this forum topic > https://forum.ait-pro.com/forums/topic/how-to-troubleshoot-php-errors-php-errors-in-your-php-error-log/.

    If the PHP errors are occurring constantly then the only likely feature in BPS Pro that could be related to or causing the PHP errors would be the Plugin Firewall.  Do BPS Pro Troubleshooting step #3 to eliminate the BPS Pro Plugin Firewall.  If the PHP errors only occurred once or are occurring randomly then that is typically either a server hiccup, corrupt cache problem or there is a coding mistake in that plugin.

    #34115

    Terry Chadban
    Participant

    Hi Edward,

    You said:

    I don’t think the php errors are being caused by BPS.  They look like standard coding issue/bugs that need to be fixed by that plugin author or there could be some kind of server or caching problem going on.  Typically BPS PHP Error logging simply logs PHP errors that are occurring in other plugins and themes, etc.  It is very rare when BPS causes a PHP error in another plugin.  ie maybe 5 times in last 7 years.  For more information about BPS PHP Error Logging and php error log troubleshooting see this forum topic > https://forum.ait-pro.com/forums/topic/how-to-troubleshoot-php-errors-php-errors-in-your-php-error-log/.

    If the PHP errors are occurring constantly then the only likely feature in BPS Pro that could be related to or causing the PHP errors would be the Plugin Firewall.  Do BPS Pro Troubleshooting step #3 to eliminate the BPS Pro Plugin Firewall.  If the PHP errors only occurred once or are occurring randomly then that is typically either a server hiccup, corrupt cache problem or there is a coding mistake in that plugin.”

    The errors are occurring consistently so I will check out step 3 as well as the other links. The reason I figured that it had to be something in BPS Pro blocking them all is the fact that they were all throwing up the same error, the ‘foreach()’ error, and they all worked fine before I switched over to BPS. I don’t think that BPS is causing the errors per se, but possibly blocking the plugins from working correctly, but I will let you know what I find. Learning all the time!

    Terry

    #34116

    AITpro Admin
    Keymaster

    Yep, I understand that logically it appears that BPS is causing the php errors, but it is extremely rare that BPS would cause php errors in other plugin or themes.  It is possible that BPS is somehow involved in the equation, but not very likely.  😉  Do the BPS Pro troubleshooting steps and let me know if you find that BPS is causing the php errors and I will figure out what is going on.

    #34131

    Terry Chadban
    Participant

    Hi Edward,

    No, I wasn’t saying that BPS Pro was causing the PHP errors, but it was strange that they all had the same PHP errors, and all were working fine as-is. Anyhoo, I followed the advice for third party apps, and everything is starting to settle down now. Thanks again for your help, greatly appreciated!

    Terry

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.